On 01 Mar 21:53, Chris G wrote:
On Sat, Mar 01, 2008 at 07:27:42PM +0000, Wayne Stallwood wrote:
On Sat, 2008-03-01 at 18:43 +0000, Chris G wrote:
You don't necessarily have to run it yourself, there are free to use mindTerms floating around on the internet, some are dedicated to accessing specific systems but not all, you can use them to access anywhere.
Unless it is someone totally and completely trusted wouldn't that defeat the whole point of encrypting the session in the first place ?
I don't think so, no, the encryption means that even the 'owner' of the MindTerm can see what you're typing.
Well, given that MindTerm just creates an outbound ssh connection from the machine that the APPLET is running on... if the ssh port is blocked it's going to be of little to no use anyways.
Also, I'm assuming that you meant "can't", now if mindterm worked in the way of the content travelling over https then going back out via ssh, you'll realise the your statement would be incorrect, because the "end point" would be the webserver, it'd then need to re-encode for the ssh session, which means that you end up with the content in plain text at that transition.
There is (somewhere) a nasty fastcgi -> ssh gateway, but that would then work as described above, and so you'd *only* want to run it on *completely* trusted hosts (i.e. the cgi should run somewhere that only trusted people have access to).
Cheers,